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Amendments to the Claims : 

This listing of claims will replace all prior versions, and Ustings, of claims in the appUcation, 
r TSITTNG OF CLAIMS: 

1 . (Currently amended) An access system for a computer site, comprising 
a certificate authentication component to verify a user's identity from a 

digital certificate supplied by the user, 

a directory, coupled to the certificate authentication component, to 
maintain an account for each individual user, each account containing an access 
policy specifying at least one portion of the computer site to which the 
corresponding user is permitted access, and 

an access control system, coupled to the directory, for controlling access to 
a computer site by permitting the user to access a portion of the computer site and 
restricting the user from accessing at least one other portion of the computer site, 
based on the access policy associated with the individual user in a directory. 

2, (Original) An access system as in claim 1, wherein the access policy 
includes information representative of a portion of the computer site to which the 
user is permitted access. 

3, (Original) An access system as in claim I, further comprising 

a certificate authority component, coupled to the certificate authentication 
component, to issue digital certificates to the user. 

4. (Original) An access system as in claim 1, further comprising 

a log system, coupled to the certificate authentication component, to record the user's 
actions in the compute site. 
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5. (Original) An access system as in claim 1 , further comprising 

a transaction authentication system, coupled to the certificate authentication component, 
to provide verified records of transactions performed using the computer site. 

6. (Original) An access system as in claim 5, wherein the transaction authentication 
system includes a digital signing module for validating transactions. 

7. (Original) An access system as in claim 1 , wherein the computer site is an extranet. 

8. (Currently amended) A method of regulating access to a computer site, 
comprising receiving from a user a request to access a computer site or a portion thereof, 
receiving information representative of the user's identity, 

consulting a directory containing an account for each individual user, each account 
containing an access poUcy specifying at least one portion of the computer site to which the 
corresponding user is permitted access, to determine whether the user is permitted to access 
the computer site or portion thereof, and 

controlling access to the computer site by permitting the user to access a portion of 
the computer site and restricting the user firom accessing at least one other portion of the 
computer site, based on the access policy for the individual user. 

9. (Original) A method as in claim 8, wherein consulting a directory includes checking 
the access policy to determine a portion of the compute site to which the user is permitted 
access. 

1 0. (Original) A method as in claim 9, wherein the receiving a request includes 
receiving a URL address for a site within the computer site. 
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1 1 . (Original) A method as in claim 8, wherein receiving information representative of the 
user's identity includes receiving a password, a retinal scan, a fingeiprint, or a document 
capable of being decrypted by a public key. 

12. (Original) A method as in claim 8, wherein receiving information representative of 
the user's identity includes receiving a digital certificate. 

13. (Currently amended) An access system for a computer site, comprising means for 
verifying a user's identity from a digital certificate supplied by the user, 

means, coupled to the means for verifying a user's identity, for maintaining an 
account for each individual user, each account contaming an access poUcy specifying at least 
one portion of the computer site to which the corresponding user is permitted access, and 

means, coupled to the means for stormg information, for controlling access to a 
computer site by permittmg the user to access a portion of the computer site and restricting the 
user from accessing at least one other portion of the computer site, based on the access policy 
associated with the individual user in the means for storing information. 

14. (Original) A access system as in claim 13, wherein the means for storing information 
includes information representative of a portion of the computer site to which the user is 
permitted access, 

15. (Original) An access system as in claim 13, further comprising 

means, coupled is said means for verifying a user*s identity, for issuing digital 
certificates to the user. 

16. (Original) An access system as in claim 13, further comprising 

means, coupled to said means for restricting access, for recording tiie user's actions in 
the con5)utQ:sitew 
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17, (Original) An access system as in claim 1 3, further comprising 

means, coupled to said means for verifying a user's identity, for storing verified 
records of transactions performed using the computer site. 
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